In this excerpt from Robbie Allen's Windows Server Cookbook, Robbie shows you how to build Web sites and how to mailbox-enable users.
You want to create a web site.
To create a new web site from scratch using a wizard, do the following:
Open Internet Information Services (IIS) Manager.
In the left pane, expand the server node.
Right-click on the Web Sites node, select New → Web Site to start the Web SiteCreation Wizard, and click Next.
Type a descriptive name for your site and click Next.
Assign an IP address to your site and click Next.
Specify the path to the home directory for your site, decide whether to allow anonymous access to your site, and click Next.
Specify web permissions to control access to your site and click Next, then Finish.
To create a new web site using a previously saved configuration file, do the following:
Open Internet Information Services (IIS) Manager.
In the left pane, expand the server node.
Right-click on the Web Sites node and select New → Web Site (from file).
Specify the path to the XML file containing your saved IIS configuration, click Read File, select the web site you want to import, and click OK.
If the saved configuration was password protected when it was created, you'll be prompted here for a password; enter it and click OK.
Right-click on the new web site and select Start.
The following command creates a new web site named Human Resources on server with IP 22.214.171.124 and root directory D:\HR:
> iisweb /create D:\HR "Human Resources" /i 126.96.36.199
The following command creates a new site named
Company with root directory D:\Corp
and IP address "All Unassigned,"
effectively making My Company the new default web site on the server:
> iisweb /create D:\Corp "My Company"
The following command creates a site on a standalone server named
web04 using local credentials for that computer
and leaving the site in a stopped state:
> iisweb /create D:\Finance "Accounting Department" /i 188.8.131.52 /dontstart /s web01 /u web04\Administrator /p <password>
The following command creates a site by importing a previously saved password-protected site configuration file named hr.xml:
> iiscnfg /import /f D:\hr.xml /d <password> /sp /lm/w3svc/1525757177 /dp /lm/w3svc/2/child
The ID number 1525757177 for this site can be found by opening the
XML file in Notepad and examining the Location attribute of the
IisWebServer tag. For example:
<IIsWebServer Location ="/LM/W3SVC/1525757177" AuthFlags="0" ServerAutoStart="TRUE" ServerBindings="172.16.12.50:80:" ServerComment="Human Resources" > </IIsWebServer>
TIP: You can also retrieve this identifier from IIS Manager by clicking the Web Sites folder in the left pane. The list of web sites and their identifiers will be shown in the right pane.
' This code creates a web site. ' ------ SCRIPT CONFIGURATION ------ strComputer = "<ServerName>" ' computer to connect to strSiteName = "<SiteName>" ' web site description strRootDir = "<DirPath>" ' root directory for the web site ' The following parameters are optional ' strPort = "<PortNumber>" ' port for the web site ' strIP = "<IPAddress>" ' IP address used for the site ' strHostHeader = "<HostName>" ' host header name for the site ' strSiteID = 1234 ' site ID (default is to auto-generate) ' ------ END CONFIGURATION --------- set objIIS = GetObject("IIS://" & strComputer & "/W3SVC" ) objServerBindings = Array(0) objServerBindings(0) = strIP & ":" & strPort & ":" & strHostHeader strNewSiteID = objIIS.CreateNewSite(strSiteName, objServerBindings, _ strRootDir, strSiteID) WScript.Echo "Successfully created web site " & strSiteName & _ " with ID " & strNewSiteID
If you leave the IP address for your new site as All Unassigned, your
new site will be the default web site for your computer, which is the
web site the server returns when a browser tries to access an IP
address not currently assigned to another site. For example, if a
computer has three IP addresses--172.16.12.50, 172.16.12.51, and
172.16.12.52--and only the first address has been assigned to a site,
then opening the URLs
http://172.16.12.52 will return the default
web site. It's a good idea to have a default web
site configured with general contact information about your company
on a server that will be hosting many sites. Note that if there is
already a web site that has All Unassigned for its IP address (such
as the Default Web Site created when IIS is installed) then if you
assign All Unassigned to another site you won't be
able to start that site.
Host headers are a feature of the HTTP/1.1 specification and allow IIS to host multiple web sites that have the same IP address and port number but different DNS identities. You can't use host headers for sites that use SSL, however, and to use host headers you must have DNS name resolution working on your network. Also, don't assign any host header names to the Default Web Site. One good side of host headers is that when you have thousands of web sites hosted on a single IIS computer, using host headers to identify them incurs a smaller performance hit than using individual IP addresses.
The one tricky thing about this code is setting up the
ServerBindings array. For whatever reason, instead
of making the web site IP address, port, and host header part of the
parameters to the
CreateNewSite method, they must
be concatenated together in an array element and separated by a
Recipe 12.4, Recipe 12.17, MS KB 304187 (IIS: Home Directory Cannot Point to Mapped Drives), and MS KB 816568 (HOW TO: Manage Web Sites and Web Virtual Directories by Using Command-Line Scripts in IIS 6.0)
You want to create a mailbox for a user. This is also known as mailbox-enabling a user.
Open the ADUC snap-in.
TIP: This needs to be run on a workstation or server that has the Exchange Management Tools loaded (see Recipe 17.6).
If you need to change domains, right-click on Active Directory Users and Computers in the left pane, select Connect to Domain, enter the domain name, and click OK.
In the left pane, browse to the parent container of the user, right-click on the user, and select Exchange Tasks.
On the Welcome screen, click Next.
Select Create Mailbox and click Next.
Verify the mail alias is what you want, select the server you want the mailbox on, select which store where you want the mailbox, and click Next.
On the Completion screen, click Finish.
> exchmbx -b "<UserDN>"-cr"<server>:<storage group>:<mail store>"
Or alternatively, run the following command:
> exchmbx -b <UserDN> -cr"<Home MDB URL>"
To mailbox-enable user joe with a mailbox on Exchange Server SRV1, Storage group SG1, and mailbox store DB1, execute the following command:
> exchmbx -b "cn=joe,cn=users,dc=rallencorp,dc=com"-cr "srv1:sg1:db1"
TIP: I highly recommend that you keep your storage group and mailbox store names short, simple, and "space" free. Spaces are troublesome to deal with at the command prompt and have caused many administrators unneeded grief. If you do not use spaces and other special characters, you can dispense with the quotes in all of the command-line examples.
Replace <UserDN> with the
user's distinguished name,
<server> with the Exchange server
name, <storagegroup> with the storage group,
<mailstore> with the mail store, and
<Home MDB URL> with the full
homeMDB URL for the desired mailbox store.
' This code creates a mailbox for a user. ' ------ SCRIPT CONFIGURATION ------ strUserDN = "<UserDN>" ' e.g., cn=jsmith,cn=Users,dc=rallencorp,dc=com strHomeMDB = "<Home MDB DN>" ' e.g. CN=Mailbox Store (SERVER),CN=First Storage Group,CN=InformationStore, ' CN=SERVER,CN=Servers,CN=First Administrative Group,CN=Administrative Groups, ' CN=RALLENCORPMAIL,CN=Microsoft Exchange,CN=Services, ' CN=Configuration,DC=rallencorp,DC=com" ' ------ END CONFIGURATION --------- set objUser = GetObject("LDAP://" & strUserDN) objUser.CreateMailBox strHomeMDB objUser.SetInfo( ) Wscript.Echo "Successfully mailbox-enabled user."
A mailbox-enabled user is a user who has a mailbox defined in the Exchange organization where the user object exists. This is the most common object in an Exchange organization.
TIP: Mailbox-enabling a user requires Exchange Data Administrator permissions. See the Discussion for Recipe 17.7.
When you create a mailbox for a user with the GUI or VBScript, you
call out to the
CreateMailbox CDOEXM interface. In
the background, the specific changes made by the
CreateMailbox method are on the
user object in Active Directory and include
changes to the following attributes:
Once all of those attributes are in place, the RUS sets additional attributes on the user object. The mailbox cannot be used nor receive email until the RUS has gone through this stamping process.
Creating a mailbox when you create a new user is a trivial task with ADUC because you simply need to specify the email alias and where in the Exchange organization the mailbox should reside. All of the guesswork on where the mailbox can go is removed because you have to select the location from the drop-down menu.
Prior to the ExchMbx tool, there was no simple way to mailbox-enable
a user from the command line. The LDIFDE method is not feasible
attribute is a binary value and difficult to manipulate with LDIF
files and text editors. For flexibility, ExchMbx allows you to
specify the entire
homeMDB URL, or you can specify
the server, storage group, and mailbox store.
TIP: If you want to mailbox-enable multiple users at once, remove the
-boption from the parameter list and pipe the distinguished names into ExchMbx from another tool or from a file. Run
exchmbx /?for usage details.
The trickiest part of creating a mailbox for a user with VBScript is
to know what to use for the
homeMDB attribute. If
you use the wrong value you will get the error: "The
server is not operational," which
isn't helpful feedback. This is where the GUI method
is nice, because it looks up all of the possible values for you and
lets you select from the list.
I present an alternative scripting method in Recipe 17.16, which lets you specify three well-known
pieces of information to locate the proper
value. Finally, another alternative would be to search Active
Directory for all valid
homeMDB values, display
them, and have the person running the script select from the list
just like ADUC does. This third method involves searching against the
Configuration container of Active Directory with the following
MS KB 275636 (Creating Exchange Mailbox-Enabled and Mail-Enabled Objects in Active Directory) and MS KB 253770 (XADM: Tasks Performed by the Recipient Update Service)
Robbie Allen is the coauthor of Active Directory, 2nd Edition and the author of the Active Directory Cookbook.
Return to the WindowsDevCenter.com.
Copyright © 2009 O'Reilly Media, Inc.